prevent fraud involving fake news, misleading advertisements and fake products on online platforms
Analysis of the Script
Potentially Malicious Elements Found
-
Suspicious External JavaScript
-
The script references
dom.js
from a relative path (css/dom.js
). If this file is malicious, it could inject harmful code. -
A script is calling
window.vitBack("https://pixajotexu.org/...")
, which redirects users to an external domain, potentially leading to phishing or malware.
-
-
Tracking & Data Collection
-
Facebook Pixel tracking (
fbq
) is included, which collects user data and sends it to Facebook. -
A script makes an AJAX request to
hash.php?a=27gr2cfrlfrf
, potentially sending user information to a remote server.
-
-
Fake News & Scam Elements
-
The webpage mimics The Indian Express, a well-known news portal, but the actual article promotes a fake investment scheme (Instant Chenix +30).
-
The news about Shreya Ghoshal's arrest appears fabricated to lure users into the investment scam.
-
The names of celebrities (Shreya Ghoshal, Kareena Kapoor Khan) are misused to establish credibility.
-
Unrealistic financial claims (earning ₹180,000–₹250,000 per day) are classic hallmarks of investment scams.
-
-
Potential Phishing / Fraudulent Links
-
Multiple links point to
https://fin-news.world
, a likely fraudulent site designed to mislead users. -
The script attempts to redirect users to these links and encourages them to invest money.
-
The website claims the National Bank is investigating Shreya Ghoshal, another tactic to increase urgency and credibility.
-
-
Possible Keylogging or User Interaction Tracking
-
The script includes cookie retrieval functions (
getCookie(cname)
) that could be used to steal session cookies or login credentials.
-
Conclusion
The script is highly suspicious and likely part of a phishing scam. It uses:
-
Fake news and celebrity endorsements to promote a fraudulent investment scheme.
-
Tracking scripts and cookie manipulation for possible data harvesting.
-
Malicious redirects to an external domain, possibly leading to further scams or malware.
⚠️ Recommendation:
-
Do NOT open the site or interact with it.
-
Do NOT enter any personal or financial information.
-
Report the URL (
fin-news.world
) to cybersecurity authorities. -
Block access to the domain in browsers and firewalls.
Comments
Post a Comment